This invention relates to data transfer between networks operating at different security levels.
High-assurance security products typically are difficult to manage because to minimize the complexity of the trusted security functions, as required to meet Common Criteria EAL-6 and EAL-7 requirements, the administrator interface is typically a very primitive command line interface. The problem is that graphical user interfaces and web-based control, available on most lower-assurance products, require too much complexity in the trusted security functionality. A known Secure Network Server (SNS) product supports a simple command line administrator interface within its trusted security functionality, which administrator interface some users consider to be not easy to use.
There is a need to develop an architecture, design and implementation that still meets the high-assurance requirements of EAL-7 of the Common Criteria, while providing a more user friendly administrator interface.